JP7118212B1 - Server device, information processing system, information processing device, and information processing method - Google Patents

Abstract

An object of the present invention is to improve security when shipping an information processing device. Kind Code: A1 A server device is connectable via a network to an information processing device shipped in a locked state in which activation by an OS is prohibited, and includes device identification information for identifying the information processing device; a registration information storage section for storing in association with user identification information identifying a user who uses the processing device; device identification information included in the display information displayed on the display section of the information processing device in the locked state; an information acquisition unit that acquires user identification information from a terminal device that can be used by the user; and a device that stores the device identification information and user identification information acquired by the information acquisition unit from the terminal device and the registered information storage unit a change processing unit that permits the information processing device corresponding to the device identification information to be changed from the locked state to the normal state that can be started by the OS when the identification information and the user identification information match. [Selection drawing] Fig. 3

Description

The present invention relates to a server device, an information processing system, an information processing device, and an information processing method.

In information processing devices such as personal computers (PCs), if the information is lost or stolen while being delivered to the user who is the purchaser by mail, etc., a third party who is not the legitimate user can Processing equipment can be used. As a countermeasure against such loss or theft, there is known a technique for improving security by entering a password when an information processing apparatus is activated (see, for example, Japanese Patent Application Laid-Open No. 2002-200013).

JP 2017-117320 A

However, in the conventional technology described above, in order to ensure security, it is necessary to set a different password for each user before shipment. is desired.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems, and an object of the present invention is to provide a server device, an information processing system, an information processing device, and an information processing method that can improve security when shipping information processing devices. to provide.

In order to solve the above problem, one aspect of the present invention is a server device connectable via a network to an information processing device shipped in a locked state in which activation by an OS (Operating System) is prohibited, comprising: a registration information storage unit for storing device identification information for identifying an information processing device and user identification information for identifying a user who uses the information processing device in association with each other; and display of the information processing device in the locked state. an information acquisition unit for acquiring the device identification information and the user identification information included in the display information displayed on the unit from a terminal device usable by the user; and the information acquisition unit from the terminal device. the information processing device corresponding to the device identification information when the obtained device identification information and the user identification information match the device identification information and the user identification information stored in the registered information storage unit; from the locked state to a normal state that can be started by the OS.

Further, according to one aspect of the present invention, in the server device described above, the information processing device enters the locked state based on the flag information, and the change processing unit receives the information acquired from the terminal device by the information acquisition unit. When the device identification information and the user identification information match the device identification information and the user identification information stored in the registration information storage unit, the flag information is released from the locked state and the normal It is also possible to permit transmission of a program for changing to the state to the information processing device corresponding to the device identification information.

In one aspect of the present invention, in the server device described above, the registration information storage unit includes the device identification information, the user identification information, and an invalidation information indicating whether to invalidate the purchase of the information processing device. The change processing unit stores the device identification information and the user identification information acquired from the terminal device by the information acquisition unit, and the device identification information stored in the registered information storage unit. and the user identification information, and the invalidation information is information that does not invalidate the purchase of the information processing device, the information processing device corresponding to the device identification information is placed in the locked state. to the normal state, and if the invalid information is information that invalidates the purchase of the information processing device, the lock state is prohibited from being changed to the normal state. good too.

Another aspect of the present invention is an information processing system including the above server device and the information processing device.

Further, according to one aspect of the present invention, in the above information processing system, the device identification information is obtained based on the display information displayed by the information processing device, and the obtained device identification information and the The terminal device may be provided for transmitting the acquired user identification information to the server device.

In one aspect of the present invention, in the information processing system described above, the display information is a two-dimensional code, and the terminal device reads the two-dimensional code and reads the device identification information included in the two-dimensional code. may be obtained.

In one aspect of the present invention, in the above information processing system, the information processing device causes the display unit to display the display information including the device identification information in the locked state, and obtains the display information from the server device. A control unit may be provided for changing from the locked state to the normal state by executing a program.

Further, according to one aspect of the present invention, an information processing device that is connectable to a server device via a network and that is shipped in a locked state that prohibits activation by an operating system (OS) based on flag information. wherein, when the flag information indicates the locked state, display information including device identification information for identifying the device in the locked state is displayed on a display unit, and the flag information indicates that the booting by the OS is performed. A control unit that executes activation by the OS when a possible normal state is indicated, wherein the control unit identifies the device identification information stored in the server device and the user who uses the own device. When the identification information matches the device identification information detected by the terminal device usable by the user based on the display information and the user identification information acquired from the user, the server device The information processing apparatus changes from the locked state to the normal state by executing a program whose transmission is permitted.

Further, one aspect of the present invention provides an information processing device that is shipped in a locked state in which activation by an OS (Operating System) is prohibited, device identification information that identifies the information processing device, and use of the information processing device. 1. An information processing method for an information processing system, comprising: a registration information storage unit for storing user identification information for identifying a user in association with the registered information storage unit; and a server device connectable to the information processing device via a network a step of the information processing device displaying display information including the device identification information corresponding to its own device on a display unit in the locked state; a step of acquiring the device identification information and the user identification information included in the display information displayed on the display from a terminal device usable by the user; when the device identification information and the user identification information match the device identification information and the user identification information stored in the registration information storage unit, the information processing device corresponding to the device identification information is a step of permitting a change from the locked state to a normal state in which activation by the OS is possible; and changing from the normal state to the normal state.

According to the aspect of the present invention, it is possible to improve security when shipping an information processing device.

1 is a schematic block diagram showing a configuration example of an information processing system according to a first embodiment; FIG. 1 is a diagram showing an example of a main hardware configuration of a notebook PC according to a first embodiment; FIG. It is a functional block diagram showing an example of functional composition of an information processing system by a 1st embodiment. It is a figure which shows the data example of the registration information storage part in 1st Embodiment. It is a figure which shows an example of operation|movement of the information processing system by 1st Embodiment. 4 is a flow chart showing an example of the operation of the notebook PC according to the first embodiment; FIG. 5 is a diagram showing a display example of a locked state of the notebook PC according to the first embodiment; FIG. 5 is a diagram showing a display example during download of the notebook PC according to the first embodiment; FIG. 5 is a diagram showing a display example when the notebook PC is unlocked according to the first embodiment; 4 is a flow chart showing an example of the operation of the server device according to the first embodiment; FIG. 11 is a functional block diagram showing an example of the functional configuration of an information processing system according to a second embodiment; FIG. It is a figure which shows the data example of the registration information storage part in 2nd Embodiment. It is a figure which shows an example of operation|movement of the information processing system by 2nd Embodiment. 9 is a flow chart showing an example of the operation of the server device according to the second embodiment;

Hereinafter, a server device, an information processing system, an information processing device, and an information processing method according to one embodiment of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 is a schematic block diagram showing a configuration example of an information processing system 100 according to this embodiment.
As shown in FIG. 1, an information processing system 100 is a system for safely initializing a notebook PC 1 (notebook personal computer) purchased by a user CS1 who is a purchaser. It comprises a device 40 and a user terminal device 50 .

Note that, in the present embodiment, a notebook PC 1 will be described as an example of an information processing apparatus.
Also, the notebook PC 1, the server device 40, and the user terminal device 50 can be connected via the network NW1.

The server device 40 is a management server that associates and manages a purchaser (or a user who uses the notebook PC 1 ) with device identification information for identifying the notebook PC 1 . The details of the configuration of the server device 40 will be described later.

The user terminal device 50 is a terminal device that can be used by the user CS1 who is the purchaser of the notebook PC 1, and is, for example, a smart phone or a tablet PC. The user terminal device 50 detects a two-dimensional code (an example of display information) to be displayed when the notebook PC 1 is in a locked state in which activation by an OS (Operating System) is prohibited, and the information contained in the two-dimensional code is detected. and the customer ID, which is the user identification information for identifying the user CS1, are transmitted to the server device 40 via the network NW1. Here, the two-dimensional code is an example of a code image that is image data in which information is coded. The details of the configuration of the user terminal device 50 will be described later.

A notebook PC 1 (an example of an information processing apparatus) is shipped in a locked state, and after a user CS1 who is a purchaser receives the notebook PC 1, the information processing system 100 is used to release the locked state. . Here, the locked state is a state in which activation by the OS is prohibited. The notebook PC 1 displays a two-dimensional code including device identification information when in a locked state. Here, the main hardware configuration of the notebook PC 1 will be described with reference to FIG.

FIG. 2 is a diagram showing an example of the main hardware configuration of the notebook PC 1 according to this embodiment.
As shown in FIG. 2, the notebook PC 1 includes a CPU 11, a main memory 12, a video subsystem 13, a display unit 14, a chipset 21, a BIOS memory 22, an HDD 23, an audio system 24, and a WLAN card. 25 , a USB connector 26 , an embedded controller 31 , an input section 32 and a power supply circuit 33 .
It should be noted that the CPU 11 and the chipset 21 correspond to the main control unit 10 in the present embodiment.

A CPU (Central Processing Unit) 11 executes various arithmetic processes under program control and controls the notebook PC 1 as a whole.
The main memory 12 is a writable memory used as a read area for the execution program of the CPU 11 or as a work area for writing processing data of the execution program. The main memory 12 is composed of, for example, a plurality of DRAM (Dynamic Random Access Memory) chips. The execution program includes BIOS (Basic Input Output System), OS, various drivers for hardware operation of peripheral devices, various services/utilities, application programs, and the like.

The video subsystem 13 is a subsystem for realizing functions related to image display, and includes a video controller. The video controller processes drawing commands from the CPU 11, writes the processed drawing information to the video memory, reads the drawing information from the video memory, and outputs it to the display unit 14 as drawing data (display data).
The display unit 14 is, for example, a liquid crystal display, and displays a display screen based on drawing data (display data) output from the video subsystem 13 . In this embodiment, the display unit 14 displays the two-dimensional code when the notebook PC 1 is in the locked state.

The chipset 21 supports USB (Universal Serial Bus), serial ATA (AT Attachment), SPI (Serial Peripheral Interface) bus, PCI (Peripheral Component Interconnect) bus, PCI-Express bus, and LPC (Low Pin Count) bus. It has a controller and multiple devices are connected. In FIG. 2 , a BIOS memory 22 , an HDD 23 , an audio system 24 , a WLAN card 25 and a USB connector 26 are connected to the chipset 21 as examples of devices.

The BIOS memory 22 is, for example, an electrically rewritable nonvolatile memory such as an EEPROM (Electrically Erasable Programmable Read Only Memory) or a flash ROM. The BIOS memory 22 stores the BIOS, system firmware for controlling the embedded controller 31 and the like.

A HDD (Hard Disk Drive) 23 (an example of a nonvolatile storage device) stores an OS, various drivers, various services/utilities, application programs, and various data.
The audio system 24 records, reproduces, and outputs sound data.

A WLAN (Wireless Local Area Network) card 25 connects to a network via a wireless (wireless) LAN to perform data communication. The WLAN card 25 is connected to the server device 40 via the network NW1, for example, and performs data communication with the server device 40 for downloading a program for releasing the locked state.
The USB connector 26 is a connector for connecting peripheral devices using USB.

The embedded controller 31 (an example of a sub-controller) is a one-chip microcomputer that monitors and controls various devices (peripheral devices, sensors, etc.) regardless of the system state of the notebook PC 1 . The embedded controller 31 also has a power management function for controlling the power supply circuit 33 . The embedded controller 31 includes a CPU, a ROM, a RAM, etc. (not shown), and has multiple channels of A/D input terminals, D/A output terminals, timers, and digital input/output terminals. For example, an input unit 32 and a power supply circuit 33 are connected to the embedded controller 31 via their input/output terminals, and the embedded controller 31 controls these operations.

The input unit 32 is, for example, an input device such as a keyboard, pointing device, or touch pad.
The power supply circuit 33 includes, for example, a DC/DC converter, a charge/discharge unit, a battery unit, an AC/DC adapter, etc., and operates the notebook PC 1 with a DC voltage supplied from the AC/DC adapter or the battery unit. To convert to multiple voltages required. Also, the power supply circuit 33 supplies power to each part of the notebook PC 1 based on the control from the embedded controller 31 .

Next, with reference to FIG. 3, the functional configuration of the information processing system 100 according to this embodiment will be described.
FIG. 3 is a functional block diagram showing an example of the functional configuration of the information processing system 100 according to this embodiment.

As shown in FIG. 3 , the information processing system 100 includes a notebook PC 1 , a server device 40 and a user terminal device 50 .
The notebook PC 1 includes a main control section 10 , a video subsystem 13 , a display section 14 , a BIOS memory 22 , an HDD 23 and a WLAN card 25 .

The BIOS memory 22 stores, for example, a lock flag FG and device identification information in addition to the above-described BIOS and system firmware for controlling the embedded controller 31 and the like.

A lock flag FG (an example of flag information) is, for example, a storage unit configured with an EEPROM, and is flag information for switching between a locked state and a normal state in which activation by the OS is possible. In this embodiment, when the lock flag FG is "1", it is in the locked state, and when the lock flag FG is "0", it is in the normal state. The lock flag FG is set to "1" (locked state) when the notebook PC 1 is shipped. It should be noted that the lock flag FG is arranged in the area with the highest security among the storage areas of the BIOS memory 22 .

The device identification information is identification information for uniquely identifying the notebook PC 1, and includes, for example, a serial number of the notebook PC 1 product, a PC tag (product tag), and the like. The device identification information is stored in the BIOS memory 22 when the notebook PC 1 is shipped. It should be noted that the device identification information is arranged in the area with the highest security among the storage areas of the BIOS memory 22 .

In the locked state, the main control unit 10 (an example of the control unit) causes the display unit 14 to display a two-dimensional code including device identification information, and executes a program obtained from the server device 40 to change the state from the locked state to the normal state. change to The main control unit 10 stores the device identification information and the customer ID stored in the server device 40, which will be described later, and the device identification information detected by the user terminal device 50 based on the two-dimensional code and the customer ID obtained from the user. If they match, the server device 40 executes a program whose transmission is permitted, thereby changing from the locked state to the normal state.
The main control unit 10 also includes a BIOS processing unit 101 , a lock processing unit 102 and an OS activation unit 103 . The BIOS processing unit 101, the lock processing unit 102, and the OS startup unit 103 temporarily store programs stored in the BIOS memory 22 or the HDD 23 in the main memory 12, and transfer the programs stored in the main memory 12 to the main control unit. 10 (CPU 11 and chipset 21).

The BIOS processing unit 101 executes BIOS processing in the notebook PC 1 . The BIOS processing unit 101 executes, for example, boot processing of the notebook PC 1 . The BIOS processing unit 101 determines whether or not to lock the notebook PC 1 based on the lock flag FG. The BIOS processing unit 101 causes the lock processing unit 102 to execute lock state processing when, for example, the lock flag FG is “1” during the activation process. In addition, when the lock flag FG is “0”, for example, the BIOS processing unit 101 causes the OS booting unit 103 to execute booting processing by the OS as normal state processing during the booting process.

The lock processing unit 102 executes processing in the locked state. The lock processing unit 102 causes the display unit 14 to display the two-dimensional code including the device identification information stored in the BIOS memory 22 . Here, the two-dimensional code is, for example, a QR code (registered trademark). The lock processing unit 102 causes the display unit 14 to display the two-dimensional code via the video subsystem 13 .

Further, the lock processing unit 102 downloads a program for changing from the locked state to the normal state from the server device 40 when permission to release the locked state is obtained from the server device 40 . Here, the program for changing from the locked state to the normal state is a permission file (for example, "Permission.efi"), and changes the lock flag FG to "0" to change to the normal state, and the boot procedure (Boot procedure) change processing is executed. The lock processing unit 102 executes the downloaded program (for example, "Permission.efi") to change the locked state to the normal state.

The OS activation unit 103 executes activation processing by the OS in the normal state released from the locked state. The OS activation unit 103 activates the notebook PC 1 using an OS (for example, Windows (registered trademark)) stored in the HDD 23, for example.

The user terminal device 50 (an example of a terminal device) acquires device identification information based on the two-dimensional code displayed by the notebook PC 1, and sends the acquired device identification information and the customer ID acquired from the user to the server. Send to device 40 .
The user terminal device 50 includes a NW (network) communication section 51 , an input section 52 , a display section 53 , an imaging section 54 , a terminal storage section 55 and a terminal control section 56 .

The NW communication unit 51 is, for example, a wireless LAN module, a LAN module, or the like, and is connected to the network NW1 by network communication such as a wireless LAN or a wireless WAN (Wide Area Network), and communicates with the server device 40. conduct.
The input unit 52 is, for example, an input device such as a touch panel, and receives various information used by the user terminal device 50 . The input unit 52 receives, for example, a customer ID from the user and outputs it to the terminal control unit 56 .

The display unit 53 is, for example, a display device such as a liquid crystal display, and displays various information used by the user terminal device 50 .
The image capturing unit 54 is, for example, a digital camera module including an image sensor, and captures various images. The imaging unit 54 images the two-dimensional code displayed on the display unit 14 of the notebook PC 1 and outputs the captured image including the two-dimensional code to the terminal control unit 56 .

The terminal storage unit 55 is, for example, a flash memory or the like, and stores various information used by the user terminal device 50 .
The terminal control unit 56 is, for example, a processor including a CPU, and controls the user terminal device 50 as a whole. The terminal control unit 56 acquires the image including the two-dimensional code captured by the imaging unit 54 and acquires the device identification information included in the two-dimensional code. Also, the terminal control unit 56 acquires the customer ID via the input unit 52 . The terminal control unit 56 transmits the acquired device identification information and customer ID to the server device 40 via the NW communication unit 51 and the network NW1.

The server device 40 verifies the legitimacy of the user CS1 of the notebook PC 1 depending on whether or not the device identification information and the customer ID obtained from the user terminal device 50 are registered in its own device. For example, when the device identification information and the customer ID acquired from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421 (to be described later), the server device 40 allows the notebook PC 1 to be used. The user CS1 is determined to be a valid user.

Further, if the user CS1 is a valid user, the server device 40 permits the notebook PC 1 corresponding to the device identification information to be changed from the locked state to the normal state in which the OS can be started. That is, server device 40 permits downloading from notebook PC 1 of a program (for example, "Permission.efi") for changing from the locked state to the normal state when user CS1 is an authorized user.
The server device 40 also includes a NW communication unit 41 , a server storage unit 42 and a server control unit 43 .

The NW communication unit 41 is, for example, a wireless LAN module or LAN module, connects to the network NW1 by network communication such as wireless LAN or wired LAN, and communicates with the notebook PC 1 or the user terminal device 50 .
The server storage unit 42 is, for example, a storage device such as an HDD or SSD, and stores various information used by the server device 40 . The server storage unit 42 includes a registration information storage unit 421 and a permission file storage unit 422, for example. The registration information storage unit 421 and the permission file storage unit 422 are configured by storage devices such as HDDs and SSDs.

The registration information storage unit 421 associates and stores the device identification information and the customer ID. The registration information stored in the registration information storage unit 421 is stored (registered) in the registration information storage unit 421 after the purchase of the notebook PC 1 is confirmed and the user CS1 is confirmed. Here, an example of data in the registration information storage unit 421 will be described with reference to FIG.

FIG. 4 is a diagram showing an example of data in the registration information storage unit 421 in this embodiment.
As shown in FIG. 4, the registration information storage unit 421 associates and stores the device identification information, the customer ID, the permission file name, and the verification result. Here, the customer ID is an example of user identification information. Also, the permission file name indicates the file name of the program for changing the notebook PC 1 from the locked state to the normal state. It should be noted that, as for this program, different dedicated programs are generated according to each notebook PC 1 and user (purchaser), and different file names are given respectively. Further, the verification result indicates the result of verifying whether or not the user CS1 is a legitimate user with respect to the notebook PC1. "NG" is stored to indicate that it has not been executed.

For example, in the example shown in FIG. 4, notebook PC 1 whose device identification information is "PF-AAAAAA" was purchased by user CS1 whose customer ID is "CusXXXXXXX" and whose permission file name is "Permission-AX.efi". indicates that there is Also, the verification result for the notebook PC 1 whose device identification information is "PF-AAAAAA" is "OK" indicating that the valid user CS1 has been verified.

Returning to the description of FIG. 3, the permission file storage unit 422 stores a permission file which is a program for changing the notebook PC 1 from the locked state to the normal state. Permission files are stored in the permission file storage unit 422 with different file names according to the device identification information and the customer ID.

The server control unit 43 is, for example, a processor including a CPU, and controls the server device 40 in an integrated manner. The server control unit 43 includes a registration processing unit 431 , an information acquisition unit 432 and a change processing unit 433 . The server control unit 43, the registration processing unit 431, the information acquisition unit 432, and the change processing unit 433 are realized by causing the processor to execute programs stored in the memory.

The registration processing unit 431 executes registration processing of registration information (purchase information) in the registration information storage unit 421 . The registration processing unit 431 associates the device identification information of the notebook PC 1 to be shipped with the customer ID of the user when the notebook PC 1 is shipped in response to a request from, for example, a server device that manages shipping, and registers the registered information. It is stored in the storage unit 421 .

Further, the registration processing unit 431 generates a dedicated permission file corresponding to the device identification information and the customer ID, stores the generated permission file in the permission file storage unit 422, and registers the file name of the permission file. It is stored in the information storage unit 421 . Further, the registration processing unit 431 causes the registration information storage unit 421 to store the verification result as “NG” which is the initial state.

The information acquisition unit 432 acquires the device identification information and the customer ID included in the two-dimensional code displayed on the display unit 14 of the notebook PC 1 in the locked state from the user terminal device 50 usable by the user. The information acquisition unit 432 acquires device identification information and a customer ID from the user terminal device 50 via the NW communication unit 41 and the network NW1.

If the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421, the change processing unit 433 changes the device identification. It permits the laptop PC 1 corresponding to the information to be changed from the locked state to the normal state.

If the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421, the change processing unit 433 changes the device identification. It is verified that the user CS1 of the notebook PC 1 corresponding to the information is valid, and as the verification result, "OK" is stored in the registration information storage unit 421 in association with the device identification information and the customer ID. That is, when the device identification information and the customer ID acquired from the user terminal device 50 are registered in the registration information storage unit 421, the change processing unit 433 determines that the user CS1 of the corresponding notebook PC1 is valid. Then, the determination result of the registration information storage unit 421 is changed from "NG" to "OK".

Further, when the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421, the change processing unit 433 It permits transmission of a program (permission file) for changing the lock flag to the normal state by releasing the lock state to the notebook PC 1 corresponding to the device identification information. The change processing unit 433 acquires the permission file name corresponding to the device identification information and the customer ID from the registration information storage unit 421 in response to a request from the notebook PC 1 corresponding to the device identification information, and executes the program ( permission file) is read from the permission file storage unit 422 and transmitted to the notebook PC 1 via the NW communication unit 41 .

Next, the operation of the information processing system 100 according to this embodiment will be described with reference to the drawings.
FIG. 5 is a diagram showing an example of the operation of the information processing system 100 according to this embodiment.
As shown in FIG. 5, in the information processing system 100, when the purchased notebook PC 1 is first activated, the notebook PC 1 first displays a two-dimensional code in a locked state (step S101). The BIOS processing unit 101 of the notebook PC 1 confirms that the lock flag FG is "1" (locked state), executes cloud boot, and lock processing unit 102 reads the device identification information stored in the BIOS memory 22. The display unit 14 is caused to display a two-dimensional code indicating information including the device identification information obtained.

Next, the user terminal device 50 reads the two-dimensional code from the notebook PC 1 (step S102). The terminal control unit 56 of the user terminal device 50 uses the imaging unit 54 to obtain an image of the two-dimensional code.

Next, the user terminal device 50 acquires device identification information from the two-dimensional code (step S103). The terminal control unit 56 acquires device identification information included in the two-dimensional code from the image captured by the imaging unit 54 .

Next, the user terminal device 50 acquires a customer ID from the user CS1 (step S104). The terminal control unit 56 receives input of the customer ID from the user CS1 via the input unit 52 .

Next, the user terminal device 50 transmits the device identification information and the customer ID to the server device 40 (step S105). The terminal control unit 56 transmits the acquired device identification information and customer ID to the server device 40 via the NW communication unit 51 and the network NW1.

Next, the server device 40 determines whether or not a set of device identification information and customer ID is registered (step S106). The change processing unit 433 of the server device 40 determines whether the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421. Based on whether or not, it is determined whether or not the set of the device identification information and the customer ID is registered. If the set of device identification information and customer ID is registered (step S106: YES), change processing unit 433 advances the process to step S107. Moreover, the change processing unit 433 terminates the process when the combination of the device identification information and the customer ID is not registered (step S106: NO).

Next, in step S<b>107 , the server device 40 transmits the program (permission file, eg “Permission.efi”) to the notebook PC 1 . The change processing unit 433 permits transmission of the program (permission file), and transmits the program (permission file) to the notebook PC 1 in response to the download request from the notebook PC 1 . The change processing unit 433 acquires the permission file name corresponding to the device identification information and the customer ID from the registration information storage unit 421, reads out the program of the permission file name from the permission file storage unit 422, and transmits it via the NW communication unit 41. and transmit it to the notebook PC1.

Next, the notebook PC 1 releases the locked state and changes to the normal state (step S108). The lock processing unit of the notebook PC 1 executes the program (permission file) downloaded from the server device 40, changes the lock flag FG to "0" (normal state), and causes the OS to start the notebook PC 1. Change the boot sequence.

Next, with reference to FIG. 6, the details of the operation of the notebook PC 1 according to this embodiment will be described.
FIG. 6 is a flow chart showing an example of the operation of the notebook PC 1 according to this embodiment.
As shown in FIG. 6, when the notebook PC 1 is purchased and started for the first time, first, it is determined whether or not the lock flag FG is "1" (locked state) (step S201). The BIOS processing unit 101 of the notebook PC 1 confirms the lock flag FG of the BIOS memory 22 and determines whether or not the lock flag FG is "1" (locked state). If the lock flag FG is "1" (locked state) (step S201: YES), the BIOS processing unit 101 advances the process to step S202. If the lock flag FG is not "1" (locked state) ("0" (normal state)) (step S201: NO), the BIOS processing unit 101 advances the process to step S206.

In step S202, the lock processing unit 102 of the notebook PC 1 starts cloud boot and displays a two-dimensional code. The lock processing unit 102 acquires device identification information stored in the BIOS memory 22 and causes the display unit 14 to display a two-dimensional code indicating information including the device identification information. The lock processing unit 102 causes the display unit 14 to display a display image as shown in FIG. 7, for example. In FIG. 7, the two-dimensional code CD1 is a code indicating information including device identification information.

Next, the notebook PC 1 determines whether there is any key input (step S203). The lock processing unit 102 waits for any key input by the user CS1 via the input unit 32 . Here, it is assumed that the user CS1 uses the user terminal device 50 to transmit the device identification information and the customer ID to the server device 40, and then inputs an arbitrary key. If there is a key input (step S203: YES), lock processing unit 102 advances the process to step S204. Further, when there is no key input (step S203: NO), the lock processing unit 102 returns the processing to step S203.

In step S<b>204 , the lock processing unit 102 downloads the program (permission file) from the server device 40 . The lock processing unit 102 downloads a program (permission file) from the server device 40 via the WLAN card 25 and the network NW1, for example. Note that the lock processing unit 102 causes the display unit 14 to display, for example, a display image as shown in FIG. 8 while the program (permission file) is being downloaded.

Next, the lock processing unit 102 executes the program (permission file) and changes the lock flag FG to "0" (normal state) (step S205). The lock processing unit 102 executes a program (permission file) downloaded from the server device 40, changes the lock flag FG of the BIOS memory 22 to "0" (normal state), changes the boot procedure, Change it to start from After the change processing, the lock processing unit 102 causes the display unit 14 to display a display image as shown in FIG. 9, for example. Note that "Abcd Yxzz" shown in FIG. 9 is an example of the name of the user CS1.

Next, in step S206, the OS activation unit 103 of the notebook PC 1 performs normal state activation by the OS.

Next, with reference to FIG. 10, the details of the operation of the server device 40 according to this embodiment will be described.
FIG. 10 is a flow chart showing an example of the operation of the server device 40 according to this embodiment.
As shown in FIG. 10, the server device 40 determines whether or not the device identification information and the customer ID have been received from the user terminal device 50 (step S301). The device identification information and the customer ID from the user terminal device 50 depending on whether the information acquisition unit 432 of the server device 40 has acquired the device identification information and the customer ID from the user terminal device 50 via the NW communication unit 41. is received. When the information acquisition unit 432 receives the device identification information and the customer ID from the user terminal device 50 (step S301: YES), the process proceeds to step S302. If the information acquisition unit 432 has not received the device identification information and the customer ID from the user terminal device 50 (step S301: NO), the process returns to step S301.

In step S302, the change processing unit 433 of the server device 40 determines whether or not the device identification information and customer ID obtained from the user terminal device 50 match the registered device identification information and customer ID. . That is, the change processing unit 433 determines whether or not the device identification information and customer ID acquired from the user terminal device 50 match the device identification information and customer ID stored in the registration information storage unit 421 . If they match (step S302: YES), change processing unit 433 advances the process to step S303. If they do not match (step S302: NO), change processing unit 433 terminates the process.

In step S303, the change processing unit 433 sets the verification result to "OK" and permits unlocking of the locked state. The change processing unit 433 changes the determination result of the registration information storage unit 421 from "NG" to "OK", and permits downloading of the program (permission file).

Next, the change processing unit 433 determines whether or not there is a program download request from the notebook PC 1 (step S304). If there is a program download request from the notebook PC 1 (step S304: YES), the change processing unit 433 advances the process to step S305. If there is no program download request from the notebook PC 1 (step S304: NO), the change processing unit 433 returns the process to step S304.

In step S305, the change processing unit 433 transmits the program (permission file) to the notebook PC1. That is, the change processing unit 433 acquires the permission file name corresponding to the device identification information and the customer ID from the registration information storage unit 421 in response to the download request, and stores the program (permission file) of the permission file name in the permission file. It reads from the storage unit 422 and transmits it to the notebook PC 1 corresponding to the device identification information via the NW communication unit 41 . After the process of step S305, the change processing unit 433 ends the process.

As described above, the server device 40 according to the present embodiment is a server device 40 that can be connected via the network NW1 to the notebook PC 1 (information processing device) that is shipped in a locked state in which activation by the OS is prohibited. , a registration information storage unit 421 , an information acquisition unit 432 , and a change processing unit 433 . The registration information storage unit 421 stores apparatus identification information for identifying the notebook PC 1 and a customer ID (user identification information) for identifying the user who uses the notebook PC 1 in association with each other. The information acquisition unit 432 acquires the device identification information and the customer ID included in the two-dimensional code (display information) displayed on the display unit 14 of the notebook PC 1 in the locked state to the user terminal device 50 that can be used by the user. Obtained from (terminal device). If the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421, the change processing unit 433 changes the device identification. It permits the notebook PC 1 corresponding to the information to be changed from the locked state to the normal state in which the OS can be started.

As a result, the server device 40 according to the present embodiment uses the registered device identification information and the customer ID to verify the legitimacy of the user CS1 of the notebook PC 1. There is no need to set a different password for each CS1. Therefore, the server device 40 according to the present embodiment can improve security when shipping the notebook PC 1 (information processing device), and can reduce unauthorized use by a third party.
Further, since the server device 40 according to the present embodiment is in a locked state until the validity of the user CS1 is verified by the server device 40, a computer virus can be detected before the notebook PC1 reaches the user CS1 who is the purchaser. It is possible to prevent unauthorized software such as monitoring software from being installed.

Further, in this embodiment, the notebook PC 1 is locked based on the lock flag FG (flag information). The change processing unit 433 sets the lock flag when the device identification information and the customer ID acquired by the information acquisition unit 432 from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421. It is permitted to transmit (download) a program for changing the FG to the normal state by releasing the lock state to the notebook PC 1 corresponding to the device identification information.

As a result, the server device 40 according to the present embodiment can appropriately change the notebook PC 1 from the locked state to the normal state by a simple method using the lock flag FG (flag information).

Further, the information processing system 100 according to this embodiment includes the server device 40 and the notebook PC 1 described above.
As a result, the information processing system 100 according to the present embodiment has the same effect as the server device 40 described above, and can improve security when shipping the notebook PC 1 (information processing device), preventing fraud by a third party. use can be reduced.

Further, the information processing system 100 according to the present embodiment acquires the device identification information based on the two-dimensional code (display information) displayed by the notebook PC 1, and combines the acquired device identification information with the customer ID acquired from the user CS1. and the user terminal device 50 for transmitting to the server device 40 . That is, the display information is a two-dimensional code, and the user terminal device 50 reads the two-dimensional code and obtains the device identification information included in the two-dimensional code.

Thereby, the information processing system 100 according to the present embodiment can appropriately acquire the device identification information and the customer ID of the notebook PC 1 from the valid user CS1 and transmit them to the server device 40 .

Further, in the present embodiment, the laptop PC 1 displays a two-dimensional code including device identification information on the display unit 14 in the locked state, and executes a program obtained from the server device 40, thereby changing from the locked state to the normal state. A main control unit 10 (control unit) to be changed is provided.

As a result, the information processing system 100 according to the present embodiment can appropriately control the locked state and the normal state of the notebook PC 1, and according to the verification result of the server device 40, the notebook PC 1 can be changed from the locked state to the normal state. state can be safely changed.

Further, the notebook PC 1 (information processing device) according to the present embodiment can be connected to the server device 40 via a network, and is shipped in a locked state in which activation by the OS is prohibited based on the lock flag FG. The notebook PC 1 includes a main control unit 10 . When the lock flag FG indicates the locked state, the main control unit 10 causes the display unit 14 to display a two-dimensional code including device identification information for identifying the device in the locked state. indicates a possible normal state, perform booting by the OS. Then, the main control unit 10 detects the device identification information stored in the server device 40, the customer ID that identifies the user who uses the device, and the user terminal device 50 that can be used by the user based on the two-dimensional code. When the detected device identification information matches the customer ID obtained from the user, the server device 40 executes a program whose transmission is permitted, thereby changing from the locked state to the normal state.

As a result, the notebook PC 1 according to the present embodiment has the same effect as the server device 40 and the information processing system 100 described above, and can improve security when shipping the notebook PC 1 (information processing device). unauthorized use by third parties can be reduced.

Further, the information processing method according to the present embodiment includes the notebook PC 1 that is shipped in a locked state in which activation by the OS is prohibited, the device identification information that identifies the notebook PC 1, and the customer ID that identifies the user who uses the notebook PC 1. and a server device 40 connectable to a notebook PC 1 via a network, comprising: a display step; an information acquisition step; , an authorization step, and a change processing step. In the display step, the notebook PC 1 displays the two-dimensional code including the device identification information corresponding to the own device on the display unit 14 in the locked state. In the information acquisition step, the server device 40 transmits the device identification information and the customer ID included in the two-dimensional code displayed on the display unit 14 of the notebook PC 1 in the locked state to the user terminal device 50 that can be used by the user. Get from In the permission step, when the device identification information and the customer ID acquired from the user terminal device 50 by the server device 40 match the device identification information and the customer ID stored in the registration information storage unit 421, the device identification information It permits the corresponding notebook PC 1 to be changed from the locked state to the normal state in which the OS can be started. In the change processing step, when the notebook PC 1 is permitted to change from the locked state to the normal state, the locked state is changed to the normal state.

As a result, the information processing method according to the present embodiment has the same effects as those of the server device 40, the information processing system 100, and the notebook PC 1 described above, and improves security when shipping the notebook PC 1 (information processing device). and reduce unauthorized use by third parties.

In the information processing system 100 and the information processing method according to the present embodiment, no user information is stored in the notebook PC 1. Therefore, even if the notebook PC 1 is stolen, for example, the user information may be leaked. is low and unauthorized access can be prevented.
In addition, in the information processing system 100 and the information processing method according to the present embodiment, since communication between the notebook PC 1 and the server device 40 is required when booting is permitted, a record is always kept every time booting is permitted. Accordingly, the information processing system 100 and the information processing method according to this embodiment can prove whether or not unauthorized access has occurred.

[Second embodiment]
Next, an information processing system 100a and a server device 40a according to a second embodiment will be described with reference to the drawings. In the present embodiment, a modification will be described in which registration information registered in the server device 40a can be invalidated after the notebook PC 1 is shipped.

FIG. 11 is a functional block diagram showing an example of the functional configuration of an information processing system 100a according to the second embodiment.
A schematic block diagram showing a configuration example of the information processing system 100a according to the present embodiment is shown in FIG. Since it is the same as the information processing system 100, its description is omitted here.

As shown in FIG. 11, the information processing system 100a includes a notebook PC 1, a server device 40a, a user terminal device 50, and an administrator terminal device 60. FIG.
In addition, in FIG. 11, the same reference numerals are assigned to the same configurations as those of the first embodiment shown in FIG. 3, and the description thereof will be omitted.

The server device 40a verifies the legitimacy of the user CS1 of the notebook PC 1 depending on whether or not the device identification information and the customer ID obtained from the user terminal device 50 are registered in the server device 40a. The server device 40a also includes a NW communication unit 41, a server storage unit 42a, and a server control unit 43a.

The server storage unit 42a stores various information used by the server device 40a. The server storage unit 42a includes a registration information storage unit 421a and a permission file storage unit 422, for example.

The registration information storage unit 421a stores device identification information, a customer ID, and invalidation information indicating whether or not to invalidate the purchase of the notebook PC 1 in association with each other. The registration information stored in the registration information storage unit 421a is stored (registered) in the registration information storage unit 421a after the purchase of the notebook PC 1 is confirmed and the user CS1 is confirmed. Moreover, the invalidation information in the registration information storage unit 421a can be changed by the administrator terminal device 60, which will be described later. Here, an example of data in the registration information storage unit 421a will be described with reference to FIG.

FIG. 12 is a diagram showing an example of data in the registration information storage unit 421a in this embodiment.
As shown in FIG. 12, the registration information storage unit 421a stores device identification information, customer ID, permission file name, verification result, and invalidity information in association with each other. Here, the invalidation information is information indicating whether to invalidate the purchase of the notebook PC 1, and "valid" or "invalid" is stored. The invalid information stores "valid" indicating that the registration information is valid when the notebook PC 1 is shipped. Further, the invalid information is changed to "invalid" by the administrator terminal device 60 when it is desired to invalidate the registration information after the notebook PC 1 is shipped. Other information in the registration information storage unit 421a is the same as that in the registration information storage unit 421 described above, so description thereof will be omitted here.

For example, in the example shown in FIG. 12, notebook PC 1 whose device identification information is "PF-AAAAAA" was purchased by user CS1 whose customer ID is "CusXXXXXXX" and whose permission file name is "Permission-AX.efi". indicates that there is The verification result for the notebook PC 1 whose device identification information is "PF-AAAAAA" is "OK" indicating that the valid user CS1 has been verified, and the invalidation information is "valid" (valid state). indicates that there is That is, it indicates that the registration information whose device identification information is "PF-AAAAAA" is valid.

Also, the notebook PC 1 whose device identification information is "PF-BBBBBB" was purchased by the user CS1 whose customer ID is "CusYYYYYY", and the permission file name is "Permission-BY.efi". The verification result for the notebook PC 1 whose device identification information is "PF-BBBBBB" is "NG" indicating that the valid user CS1 has not been verified, and the invalidation information is "invalid" (invalid state). indicates that there is In other words, it indicates that the registration information whose device identification information is "PF-BBBBBB" is invalid.

Returning to the description of FIG. 11, the server control unit 43a is, for example, a processor including a CPU, and controls the server device 40a in an integrated manner. The server control unit 43a includes a registration processing unit 431a, an information acquisition unit 432, and a change processing unit 433a.

The registration processing unit 431a executes registration processing of registration information (purchase information) in the registration information storage unit 421a. The registration processing unit 431a associates the device identification information of the notebook PC 1 to be shipped with the customer ID of the user when shipping the notebook PC 1 in response to a request from, for example, a server device that manages shipping, and registers the registered information. It is stored in the storage unit 421a.

Further, the registration processing unit 431a generates a dedicated permission file corresponding to the device identification information and the customer ID, stores the generated permission file in the permission file storage unit 422, and registers the file name of the permission file. It is stored in the information storage unit 421a. The registration processing unit 431a stores the verification result as an initial state of "NG" in the registration information storage unit 421a, and stores the invalid information as an initial state of "valid" in the registration information storage unit 421a.
Further, the registration processing unit 431a changes invalid information in the registration information storage unit 421a in response to a request from the administrator terminal device 60. FIG.

The change processing unit 433a determines that the device identification information and the customer ID that the information acquisition unit 432 has acquired from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421a, and that the invalid information is information (“valid”) that does not invalidate the purchase of the notebook PC 1, the notebook PC 1 corresponding to the device identification information is permitted to be changed from the locked state to the normal state. Further, the change processing unit 433a changes the notebook PC 1 from the locked state to the normal state when the invalidation information stored in the registration information storage unit 421a is information for invalidating the purchase of the notebook PC 1 ("invalid"). prohibited.

The administrator terminal device 60 is, for example, a terminal device such as a PC (personal computer), and is a terminal device used by an administrator. The administrator terminal device 60 can be connected to the server device 40a via the network NW1. The administrator terminal device 60 prevents the user CS1 registered in the server device 40a from using the notebook PC 1 when, for example, the notebook PC 1 is purchased but canceled after shipment or when the notebook PC 1 is no longer needed. Then, a process of changing the invalidation information stored in the registration information storage unit 421a is executed.

Next, the operation of the information processing system 100a according to this embodiment will be described with reference to the drawings.
FIG. 13 is a diagram showing an example of the operation of the information processing system 100a according to this embodiment.
In FIG. 13, the processing from step S401 to step S406 is the same as the processing from step S101 to step S106 shown in FIG. 5, so description thereof will be omitted.

In step S406, the change processing unit 433a advances the process to step S407 when the combination of the device identification information and the customer ID is registered (step S406: YES). Moreover, the change processing unit 433a terminates the process when the combination of the device identification information and the customer ID is not registered (step S406: NO).

In step S407, the change processing unit 433a determines whether or not the registration information is in an invalid state. The change processing unit 433a determines whether invalid information corresponding to the device identification information and the customer ID in the registration information storage unit 421a is in an invalid state (“invalid”). If the invalidation information is in an invalid state (“invalid”) (step S407: YES), the change processing unit 433a ends the process. If the invalidation information is not in an invalid state (invalid state (“invalid”)) (step S407: NO), the change processing unit 433a advances the process to step S408.

Since the processing of subsequent steps S408 and S409 is the same as the processing up to step S107 and step S108 shown in FIG. 5, the description thereof will be omitted.

Next, with reference to FIG. 14, the details of the operation of the server device 40a according to this embodiment will be described.
FIG. 14 is a flow chart showing an example of the operation of the server device 40a according to this embodiment.
In FIG. 14, the processes of steps S501 and S502 are the same as the processes of steps S301 and S302 shown in FIG. 10, and thus description thereof is omitted.

In step S503, the change processing unit 433a changes the verification result to "OK". The change processing unit 433a changes the determination result of the registration information storage unit 421a from "NG" to "OK".

Next, the change processing unit 433a determines whether or not the registration information is in an invalid state (step S504). The change processing unit 433a determines whether invalid information corresponding to the device identification information and the customer ID in the registration information storage unit 421a is in an invalid state (“invalid”). If the invalidation information is in an invalid state (“invalid”) (step S504: YES), the change processing unit 433a ends the process. If the invalidation information is not in the invalid state (invalid state (“invalid”)) (step S504: NO), the change processing unit 433a advances the process to step S505.

In step S505, the change processing unit 433a permits release of the locked state. That is, the change processing unit 433a permits downloading of the program (permission file).
The subsequent processing of steps S506 and S507 is the same as the processing of steps S304 and S305 shown in FIG. 10, so description thereof will be omitted.

As described above, the server device 40a of the information processing system 100a according to this embodiment includes the registration information storage unit 421a and the change processing unit 433a. The registration information storage unit 421a stores device identification information, a customer ID, and invalidation information indicating whether or not to invalidate the purchase of the notebook PC 1 in association with each other. The change processing unit 433a determines that the device identification information and the customer ID that the information acquisition unit 432 has acquired from the user terminal device 50 match the device identification information and the customer ID stored in the registration information storage unit 421, and that the invalid information is information that does not invalidate the purchase of the notebook PC 1, the notebook PC 1 corresponding to the device identification information is permitted to be changed from the locked state to the normal state. Further, the change processing unit 433a prohibits changing from the locked state to the normal state when the invalidation information is information invalidating the purchase of the notebook PC 1. FIG.

As a result, the information processing system 100a and the server device 40a according to the present embodiment can invalidate the registration information (purchase information) of the server device 40a when, for example, the purchase of the notebook PC 1 is canceled. Unauthorized use by the user CS1 who later canceled the purchase can be prevented.

It should be noted that the present invention is not limited to the above embodiments, and can be modified without departing from the gist of the present invention.
For example, in each of the above embodiments, an example in which the information processing device is the notebook PC 1 has been described, but the information processing device is not limited to this, and may be other information processing devices such as a tablet terminal device or a desktop PC. good too.

Also, in each of the above-described embodiments, an example in which the user terminal device 50 is a mobile terminal such as a smart phone has been described, but the present invention is not limited to this. The user terminal device 50 is, for example, a desktop PC or other terminal device as long as it can acquire a two-dimensional code and transmit device identification information and a customer ID to the server device 40 (40a). may

In each of the above-described embodiments, an example of using a customer ID as an example of user identification information has been described, but the present invention is not limited to this. ) may be other identification information, such as a login ID.

Further, in each of the above embodiments, the server device 40 (40a) is described as one device, but is not limited to this, and may be configured by a plurality of devices (for example, a plurality of server devices). good too.
In each of the above embodiments, a two-dimensional code is used as an example of the display information (code image), and the two-dimensional code is a QR code (registered trademark). Instead, for example, other two-dimensional code such as a two-dimensional barcode may be used. Also, the display information (code image) may be, for example, a one-dimensional code such as a bar code, or a character string capable of OCR (optical character recognition).

Each component included in the information processing system 100 (100a) described above has a computer system therein. Then, a program for realizing the function of each configuration provided in the information processing system 100 (100a) described above is recorded on a computer-readable recording medium, and the program recorded on this recording medium is read by the computer system, By executing it, the processing in each configuration included in the information processing system 100 (100a) described above may be performed. Here, "loading and executing the program recorded on the recording medium into the computer system" includes installing the program in the computer system. The "computer system" here includes hardware such as an OS and peripheral devices.
Also, the "computer system" may include a plurality of computer devices connected via a network including communication lines such as the Internet, WAN, LAN, and dedicated lines. The term "computer-readable recording medium" refers to portable media such as flexible discs, magneto-optical discs, ROMs and CD-ROMs, and storage devices such as hard discs incorporated in computer systems. Thus, the recording medium storing the program may be a non-transitory recording medium such as a CD-ROM.

The recording medium also includes an internal or external recording medium accessible from the distribution server for distributing the program. It should be noted that even if the program is divided into a plurality of parts and downloaded at different timings and then combined in each structure provided in the information processing system 100 (100a), or if the distribution servers that distribute the divided programs are different, good. Furthermore, a "computer-readable recording medium" is a volatile memory (RAM) inside a computer system that acts as a server or client when the program is transmitted via a network, and retains the program for a certain period of time. It shall also include things. Further, the program may be for realizing part of the functions described above. Further, it may be a so-called difference file (difference program) that can realize the above functions by combining with a program already recorded in the computer system.

Also, part or all of the functions described above may be implemented as an integrated circuit such as an LSI (Large Scale Integration). Each function mentioned above may be processor-ized individually, and may integrate|stack and processor-ize a part or all. Also, the method of circuit integration is not limited to LSI, but may be realized by a dedicated circuit or a general-purpose processor. In addition, when an integration circuit technology that replaces LSI appears due to advances in semiconductor technology, an integrated circuit based on this technology may be used.

1 laptop
10 main control unit 11 CPU
12 main memory 13 video subsystem 14, 53 display unit 21 chipset 22 BIOS memory 23 HDD
24 audio system 25 WLAN card 26 USB connector 31 embedded controller (EC)
32, 52 input unit 33 power supply circuit 40, 40a server device 41, 51 NW communication unit 42, 42a server storage unit 43, 43a server control unit 50 user terminal device 54 imaging unit 55 terminal storage unit 56 terminal control unit 60 administrator Terminal device 100, 100a Information processing system 101 BIOS processing unit 102 Lock processing unit 103 OS activation unit 421, 421a Registration information storage unit 422 Permission file storage unit 431, 431a Registration processing unit 432 Information acquisition unit 433, 433a Change processing unit CS1 Use Party FG Lock flag NW1 network

Claims (9)

A server device that can be connected via a network to an information processing device that is shipped in a locked state that prohibits activation by an OS (Operating System),
a registration information storage unit that associates and stores device identification information that identifies the information processing device and user identification information that identifies a user who uses the information processing device;
an information acquisition unit that acquires the device identification information included in the display information displayed on the display unit of the information processing device in the locked state and the user identification information from a terminal device usable by the user; ,
When the device identification information and the user identification information acquired from the terminal device by the information acquisition unit match the device identification information and the user identification information stored in the registered information storage unit, the device A server apparatus comprising: a change processing unit that permits the information processing apparatus corresponding to the identification information to be changed from the locked state to a normal state that can be activated by the OS. The information processing device puts the information processing device into the locked state based on the flag information,
The change processing unit causes the device identification information and the user identification information acquired from the terminal device by the information acquisition unit to match the device identification information and the user identification information stored in the registered information storage unit. 2. The information processing device corresponding to the device identification information is permitted to transmit a program for changing the flag information so as to release the locked state and change the flag information to the normal state. server equipment. the registration information storage unit associates and stores the device identification information, the user identification information, and invalidation information indicating whether to invalidate purchase of the information processing device;
The change processing unit
The device identification information and the user identification information acquired from the terminal device by the information acquisition unit match the device identification information and the user identification information stored in the registered information storage unit, and the invalidity permitting the information processing device corresponding to the device identification information to be changed from the locked state to the normal state when the information is information that does not invalidate the purchase of the information processing device;
3. The server device according to claim 1, wherein when the invalidation information is information invalidating the purchase of the information processing device, changing from the locked state to the normal state is prohibited. a server device according to any one of claims 1 to 3;
An information processing system comprising: the information processing device; acquiring the device identification information based on the display information displayed by the information processing device, and transmitting the acquired device identification information and the user identification information acquired from the user to the server device; The information processing system according to claim 4, comprising the terminal device. The display information is a two-dimensional code,
The information processing system according to claim 5, wherein the terminal device reads the two-dimensional code and acquires the device identification information included in the two-dimensional code. The information processing device is
A control unit for changing the locked state to the normal state by causing the display unit to display the display information including the device identification information in the locked state and executing a program acquired from the server device. The information processing system according to any one of claims 4 to 6. An information processing device that is connectable to a server device via a network and shipped in a locked state that prohibits activation by an OS (Operating System) based on flag information,
When the flag information indicates the locked state, display information including device identification information for identifying the device in the locked state is displayed on a display unit, and the flag information indicates a normal state in which the OS can start up. A control unit that executes startup by the OS when indicating
The control unit controls the device identification information stored in the server device, the user identification information for identifying the user who uses the own device, and the terminal device usable by the user based on the display information. When the detected device identification information matches the user identification information acquired from the user, the locked state is changed to the normal state by executing a program whose transmission is permitted from the server device. Information processing equipment. An information processing device that is shipped in a locked state that prohibits activation by an OS (Operating System), device identification information that identifies the information processing device, and user identification information that identifies a user who uses the information processing device. An information processing method for an information processing system comprising a registration information storage unit that stores in association with and a server device that can be connected to the information processing device via a network,
a step in which the information processing device displays display information including the device identification information corresponding to the own device on a display unit in the locked state;
The server device transmits the device identification information included in the display information displayed on the display unit of the information processing device in the locked state and the user identification information from the terminal device usable by the user. a step of obtaining;
When the device identification information and the user identification information acquired from the terminal device by the server device match the device identification information and the user identification information stored in the registration information storage unit, the device a step of permitting the information processing device corresponding to the identification information to be changed from the locked state to a normal state in which the OS can boot;
an information processing method comprising: changing the locked state to the normal state when the information processing device is permitted to change from the locked state to the normal state.

Images